This method allows to add cookie-based login form for any PHP script or pages. It is particularly useful for adding paid membership support to an existing PHP-based application.
If your existing content is in standard .html files rather than .php files, see Content/Folders
- All your protected content is stored in PHP files.
Not useful if:
- Images, downloadable content or other non-PHP files are included in your protected content.
- No special requirements.
Setting Up Protection
For this plugin to work the file /amember/library/Am/Lite.php must be included at the very top (before the opening <html> tag) of the PHP pages you wish to protect as follows:
<?php include("aMember_Root_Dir/library/Am/Lite.php"); // replace aMember_Root_Dir to actual path of amember folder on the server (not URL!) Am_Lite::getInstance()->checkAccess(array(1,3), 'My Protected Page Title'); .. any existing PHP code goes here .. ?>
Note: You must edit the products array to reflect the aMember product which gives access to the page. For example, if access is confined to those with products 1 and 3 it will be as above. If it is confined to those with products 2 and 5 you would use Am_Lite::checkAccess(array(2,5));
Note: Instead of first argument (array(1,3) in our example), you may use special constants: Am_Lite::PAID - access is allowed if user has paid for any subscription. Am_Lite::FREE - access is allowed if user has a free subscription. Am_Lite::ANY - access is allowed if user has any subscription that has not expired. Am_Lite::ONLY_LOGIN - validate username,password only, do not check user subscriptions status.
Note: aMember_Root_Dir must be replaced with actual unix path (not URL!) to aMember folder. You can find this path at aMember CP, click in menu "Version Info" link, then look for "Root Folder" value.
How does it work (for programmers only)
When a user enters a URL to the protected page the aMember login form is displayed and the user enters a username/password. This information is compared to entries in the member database to determine whether a user has the right credentials
- If the user is not authorized yet, user will be redirected to aMember login form.
- If the user has been authenticated, but has no access to given content, a no-access page will be displayed.
- If the user has an active subscription to a product as defined in products list, then the protected PHP page will be displayed.
If you are not using subscriptions or wish to allow any member to have access to a page, regardless of the subscriptions they hold, then you can define products list as array('ONLY_LOGIN'); This simply checks that the username and password exist in the database. Be careful - it will allow access for non paying or expired members!